export interface RuleInfo {
    id: string;
    name: string;
    titleEn: string;
    titleCn: string;
    descEn: string;
    descCn: string;
    url: string;
    shellInjection?: boolean;
}

export const RuleList: RuleInfo[] = [
    {
        id: "B101",
        name: "assert_used",
        titleEn: "Test for use of assert",
        titleCn: "断言使用测试",
        descEn: "This plugin test checks for the use of the Python assert keyword. It was discovered that some projects used assert to enforce interface constraints. However, assert is removed with compiling to optimised byte code (python -o producing *.pyo files). This caused various protections to be removed. Consider raising a semantically meaningful error or AssertionError instead.",
        descCn: "这个插件测试检查Python断言关键字的使用情况。人们发现，一些项目使用assert来强制执行接口约束。然而，在编译到优化的字节码（生成*.pyo文件的python-o）时，assert被删除了。这导致各种保护措施被取消。请考虑引发语义上有意义的错误或断言错误。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html",
    },
    {
        id: "B102",
        name: "exec_used",
        titleEn: "Test for the use of exec",
        titleCn: "exec的使用测试",
        descEn: "This plugin test checks for the use of Python’s exec method or keyword. The Python docs succinctly describe why the use of exec is risky.",
        descCn: "这个插件测试检查Python的exec方法或关键字的使用情况。Python文档简明扼要地描述了为什么使用exec有风险。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b102_exec_used.html",
    },
    {
        id: "B103",
        name: "set_bad_file_permissions",
        titleEn: "Test for setting permissive file permissions",
        titleCn: "设置文件权限的测试",
        descEn: "This plugin test looks for the use of chmod and will alert when it is used to set particularly permissive control flags. A MEDIUM warning is generated if a file is set to group write or executable and a HIGH warning is reported if a file is set world write or executable. Warnings are given with HIGH confidence.",
        descCn: "此插件测试查找chmod的使用情况，并在用于设置特别允许的控制标志时发出警报。如果将文件设置为组写入或可执行，则会生成MEDIUM警告；如果将文件设为全局写入或可运行，则会报告HIGH警告。警告的可信度很高。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b103_set_bad_file_permissions.html",
    },
    {
        id: "B104",
        name: "hardcoded_bind_all_interfaces",
        titleEn: "Test for binding to all interfaces",
        titleCn: "测试是否绑定到所有网络接口",
        descEn: "Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces, that may not be properly documented or secured. This plugin test looks for a string pattern “0.0.0.0” that may indicate a hardcoded binding to all network interfaces.",
        descCn: "绑定到所有网络接口可能会为意外接口上的流量打开服务，这些接口可能没有正确记录或保护。这个插件测试寻找一个字符串模式“0.0.0.0”，它可能指示到所有网络接口的硬编码绑定。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b104_hardcoded_bind_all_interfaces.html",
    },
    {
        id: "B105",
        name: "hardcoded_password_string",
        titleEn: "Test for use of hard-coded password strings",
        titleCn: "测试硬编码密码字符串的使用",
        descEn: `The use of hard-coded passwords increases the possibility of password guessing tremendously. This plugin test looks for all string literals and checks the following conditions:

assigned to a variable that looks like a password
assigned to a dict key that looks like a password
assigned to a class attribute that looks like a password
used in a comparison with a variable that looks like a password`,
        descCn: `测试硬编码密码字符串的使用硬编码密码的使用极大地增加了猜测密码的可能性。此插件测试查找所有字符串文字并检查以下条件：

分配给一个看起来像密码的变量
分配给一个看起来像密码的dict密钥
分配给一个看起来像密码的类属性
用于与看起来像密码的变量进行比较`,
        url: "https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html",
    },
    {
        id: "B106",
        name: "hardcoded_password_funcarg",
        titleEn: "Test for use of hard-coded password function arguments",
        titleCn: "测试硬编码密码函数参数的使用",
        descEn: "The use of hard-coded passwords increases the possibility of password guessing tremendously. This plugin test looks for all function calls being passed a keyword argument that is a string literal. It checks that the assigned local variable does not look like a password.",
        descCn: "硬编码密码的使用极大地增加了猜测密码的可能性。这个插件测试查找所有被传递了一个字符串文本关键字参数的函数调用。它检查指定的局部变量是否看起来像密码。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b106_hardcoded_password_funcarg.html",
    },
    {
        id: "B107",
        name: "hardcoded_password_default",
        titleEn: "Test for use of hard-coded password argument defaults",
        titleCn: "测试是否使用硬编码密码参数默认值",
        descEn: "The use of hard-coded passwords increases the possibility of password guessing tremendously. This plugin test looks for all function definitions that specify a default string literal for some argument. It checks that the argument does not look like a password.",
        descCn: "硬编码密码的使用极大地增加了猜测密码的可能性。此插件测试查找为某些参数指定默认字符串文字的所有函数定义。它检查参数是否看起来像密码。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b107_hardcoded_password_default.html",
    },
    {
        id: "B108",
        name: "hardcoded_tmp_directory",
        titleEn: "Test for insecure usage of tmp file/directory",
        titleCn: "测试tmp目录的不安全使用情况",
        descEn: `Safely creating a temporary file or directory means following a number of rules (see the references for more details). This plugin test looks for strings starting with (configurable) commonly used temporary paths, for example:

/tmp
/var/tmp
/dev/shm
etc`,
        descCn: `安全地创建临时文件或目录意味着要遵守一些规则（有关更多详细信息，请参阅参考资料）。此插件测试查找以（可配置的）常用临时路径开头的字符串，例如：
/tmp
/var/tmp
/dev/shm
等`,
        url: "https://bandit.readthedocs.io/en/latest/plugins/b108_hardcoded_tmp_directory.html",
    },
    {
        id: "B109",
        name: "password_config_option_not_marked_secret",
        titleEn: "Test for a password based config option not marked secret",
        titleCn: "测试未标记为机密的基于密码的配置选项",
        descEn: "Passwords are sensitive and must be protected appropriately. In OpenStack Oslo there is an option to mark options “secret” which will ensure that they are not logged. This plugin detects usages of oslo configuration functions that appear to deal with strings ending in ‘password’ and flag usages where they have not been marked secret.",
        descCn: "密码是敏感的，必须得到适当的保护。在OpenStack Oslo中，有一个将选项标记为“机密”的选项，这将确保它们不会被记录。此插件检测oslo配置函数的用法，这些函数似乎处理以“password”结尾的字符串，并标记未标记为secret的用法。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b109_password_config_option_not_marked_secret.html",
    },
    {
        id: "B110",
        name: "try_except_pass",
        titleEn: "Test for a pass in the except block",
        titleCn: "测试在except块中是否存在pass",
        descEn: "Errors in Python code bases are typically communicated using Exceptions. An exception object is ‘raised’ in the event of an error and can be ‘caught’ at a later point in the program, typically some error handling or logging action will then be performed.",
        descCn: "Python代码库中的错误通常使用Exceptions进行通信。异常对象在发生错误时被“引发”，并且可以在程序的稍后点被“捕获”，通常会执行一些错误处理或日志记录操作。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b110_try_except_pass.html",
    },
    {
        id: "B111",
        name: "execute_with_run_as_root_equals_true",
        titleEn: "Test for the use of rootwrap running as root",
        titleCn: "测试是否使用以root身份运行的rootwrap",
        descEn: "Running commands as root dramatically increase their potential risk. Running commands with restricted user privileges provides defense in depth against command injection attacks, or developer and configuration error. This plugin test checks for specific methods being called with a keyword parameter run_as_root set to True, a common OpenStack idiom.",
        descCn: "以root身份运行命令会显著增加其潜在风险。使用受限的用户权限运行命令可以深入防御命令注入攻击或开发人员和配置错误。这个插件测试检查被调用的特定方法，其中关键字参数run_as_root设置为True，这是一个常见的OpenStack习惯用法。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b111_execute_with_run_as_root_equals_true.html",
    },
    {
        id: "B112",
        name: "try_except_continue",
        titleEn: "Test for a continue in the except block",
        titleCn: "测试是否在except块中存在continue",
        descEn: "Errors in Python code bases are typically communicated using Exceptions. An exception object is ‘raised’ in the event of an error and can be ‘caught’ at a later point in the program, typically some error handling or logging action will then be performed.",
        descCn: "Python代码库中的错误通常使用Exceptions进行通信。异常对象在发生错误时被“引发”，并且可以在程序的稍后点被“捕获”，通常会执行一些错误处理或日志记录操作。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b112_try_except_continue.html",
    },
    {
        id: "B113",
        name: "request_without_timeout",
        titleEn: "Test for missing requests timeout",
        titleCn: "测试丢失的请求超时",
        descEn: "This plugin test checks for requests calls without a timeout specified.Nearly all production code should use this parameter in nearly all requests, Failure to do so can cause your program to hang indefinitely.",
        descCn: "此插件测试在没有指定超时的情况下检查请求调用。几乎所有的生产代码都应该在几乎所有的请求中使用此参数。如果不这样做，可能会导致程序无限期挂起。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b113_request_without_timeout.html",
    },
    {
        id: "B201",
        name: "flask_debug_true",
        titleEn: "Test for use of flask app with debug set to true",
        titleCn: "在调试设置为true的情况下测试flask的使用 ",
        descEn: "Running Flask applications in debug mode results in the Werkzeug debugger being enabled. This includes a feature that allows arbitrary code execution. Documentation for both Flask and Werkzeug strongly suggests that debug mode should never be enabled on production systems.",
        descCn: "在调试模式下运行Flask应用程序会导致启用Werkzeug调试器。这包括一个允许执行任意代码的功能。Flask和Werkzeug的文档都强烈建议永远不要在生产系统上启用调试模式。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b201_flask_debug_true.html",
    },
    {
        id: "B202",
        name: "tarfile_unsafe_members",
        titleEn: "Test for tarfile.extractall",
        titleCn: "测试tarfile.extractall的使用",
        descEn: `This plugin will look for usage of tarfile.extractall()

Severity are set as follows:
        
tarfile.extractalll(members=function(tarfile)) - LOW
tarfile.extractalll(members=?) - member is not a function - MEDIUM
tarfile.extractall() - members from the archive is trusted - HIGH`,
        descCn: `这个插件将查找tarfile.extractall()的用法

严重性设置如下：
tarfile.extractalll(members=function(tarfile)) - LOW
tarfile.extractalll(members=?) - member is not a function - MEDIUM
tarfile.extractall() - members from the archive is trusted - HIGH`,
        url: "https://bandit.readthedocs.io/en/latest/plugins/b202_tarfile_unsafe_members.html",
    },
    {
        id: "B324",
        name: "hashlib",
        titleEn: "Test use of insecure md4, md5, or sha1 hash functions in hashlib",
        titleCn: "测试hashlib中不安全的md4、md5或sha1哈希函数的使用",
        descEn: "This plugin checks for the usage of the insecure MD4, MD5, or SHA1 hash functions in hashlib and crypt. The hashlib.new function provides the ability to construct a new hashing object using the named algorithm. This can be used to create insecure hash functions like MD4 and MD5 if they are passed as algorithm names to this function.",
        descCn: "此插件检查hashlib和crypt中不安全的MD4、MD5或SHA1哈希函数的使用情况。hashlib.new函数提供了使用命名算法构造新哈希对象的能力。如果将MD4和MD5作为算法名称传递给此函数，则可以使用此方法创建不安全的散列函数。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b324_hashlib.html",
    },
    {
        id: "B501",
        name: "request_with_no_cert_validation",
        titleEn: "Test for missing certificate validation",
        titleCn: "缺少证书验证的测试",
        descEn: "Encryption in general is typically critical to the security of many applications. Using TLS can greatly increase security by guaranteeing the identity of the party you are communicating with. This is accomplished by one or both parties presenting trusted certificates during the connection initialization phase of TLS.",
        descCn: "加密通常对许多应用程序的安全性至关重要。使用TLS可以保证与您通信的一方的身份，从而大大提高安全性。这是通过一方或双方在TLS的连接初始化阶段提供可信证书来实现的。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b501_request_with_no_cert_validation.html",
    },
    {
        id: "B502",
        name: "ssl_with_bad_version",
        titleEn: "Test for SSL use with bad version used",
        titleCn: "使用错误版本测试SSL使用情况",
        descEn: `Several highly publicized exploitable flaws have been discovered in all versions of SSL and early versions of TLS. It is strongly recommended that use of the following known broken protocol versions be avoided:
SSL v2
SSL v3
TLS v1
TLS v1.1`,
        descCn: `在所有版本的SSL和早期版本的TLS中都发现了一些备受关注的可利用缺陷。强烈建议避免使用以下已知的破坏协议版本：

SSL v2
SSL v3
TLS v1
TLS v1.1`,
        url: "https://bandit.readthedocs.io/en/latest/plugins/b502_ssl_with_bad_version.html",
    },
    {
        id: "B503",
        name: "ssl_with_bad_defaults",
        titleEn: "Test for SSL use with bad defaults specified",
        titleCn: "使用指定的错误默认值测试SSL使用情况",
        descEn: "This plugin is part of a family of tests that detect the use of known bad versions of SSL/TLS, please see ../plugins/ssl_with_bad_version for a complete discussion. Specifically, this plugin test scans for Python methods with default parameter values that specify the use of broken SSL/TLS protocol versions. Currently, detection supports methods using Python’s native SSL/TLS support and the pyOpenSSL module. A MEDIUM severity warning will be reported whenever known broken protocol versions are detected.",
        descCn: "此插件是检测已知错误版本SSL/TLS使用情况的测试系列的一部分，请参阅/plugins/ssl_with_bad_version进行完整的讨论。具体来说，这个插件测试扫描具有默认参数值的Python方法，这些默认参数值指定使用损坏的SSL/TLS协议版本。目前，检测支持使用Python的本地SSL/TLS支持和pyOpenSSL模块的方法。只要检测到已知的已损坏协议版本，就会报告“中等”严重性警告。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b503_ssl_with_bad_defaults.html",
    },
    {
        id: "B504",
        name: "ssl_with_no_version",
        titleEn: "Test for SSL use with no version specified",
        titleCn: "在未指定版本的情况下测试SSL的使用",
        descEn: "This plugin is part of a family of tests that detect the use of known bad versions of SSL/TLS, please see ../plugins/ssl_with_bad_version for a complete discussion. Specifically, This plugin test scans for specific methods in Python’s native SSL/TLS support and the pyOpenSSL module that configure the version of SSL/TLS protocol to use. These methods are known to provide default value that maximize compatibility, but permit use of the aforementioned broken protocol versions. A LOW severity warning will be reported whenever this is detected.",
        descCn: "此插件是检测已知错误版本SSL/TLS使用情况的测试系列的一部分，请参阅/plugins/ssl_with_bad_version进行完整的讨论。具体来说，这个插件测试扫描Python的本地SSL/TLS支持和pyOpenSSL模块中的特定方法，这些方法配置要使用的SSL/TLS协议的版本。众所周知，这些方法提供了最大限度地提高兼容性的默认值，但允许使用上述损坏的协议版本。只要检测到这种情况，就会报告LOW严重性警告。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b504_ssl_with_no_version.html",
    },
    {
        id: "B505",
        name: "weak_cryptographic_key",
        titleEn: "Test for weak cryptographic key use",
        titleCn: "弱加密密钥使用测试",
        descEn: "As computational power increases, so does the ability to break ciphers with smaller key lengths. The recommended key length size for RSA and DSA algorithms is 2048 and higher. 1024 bits and below are now considered breakable. EC key length sizes are recommended to be 224 and higher with 160 and below considered breakable. This plugin test checks for use of any key less than those limits and returns a high severity error if lower than the lower threshold and a medium severity error for those lower than the higher threshold.",
        descCn: "随着计算能力的提高，用较小的密钥长度破解密码的能力也在提高。RSA和DSA算法的建议密钥长度大小为2048或更高。1024位及以下的比特现在被认为是可破坏的。建议EC钥匙长度尺寸为224及以上，160及以下为易碎。此插件测试检查是否使用了低于这些限制的任何密钥，如果低于较低阈值，则返回高严重性错误，如果低于较高阈值，则会返回中等严重性错误。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b505_weak_cryptographic_key.html",
    },
    {
        id: "B506",
        name: "yaml_load",
        titleEn: "Test for use of yaml load",
        titleCn: "yaml.load使用测试",
        descEn: "This plugin test checks for the unsafe usage of the yaml.load function from the PyYAML package. The yaml.load function provides the ability to construct an arbitrary Python object, which may be dangerous if you receive a YAML document from an untrusted source. The function yaml.safe_load limits this ability to simple Python objects like integers or lists.",
        descCn: "此插件测试检查PyYAML包中yaml.load函数的不安全使用情况。yaml.load函数提供了构造任意Python对象的能力，如果您从不受信任的源接收到yaml文档，这可能是危险的。函数yaml.safe_load将此功能限制为简单的Python对象，如整数或列表。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b506_yaml_load.html",
    },
    {
        id: "B507",
        name: "ssh_no_host_key_verification",
        titleEn: "Test for missing host key validation",
        titleCn: "测试是否缺少主机密钥验证",
        descEn: "Encryption in general is typically critical to the security of many applications. Using SSH can greatly increase security by guaranteeing the identity of the party you are communicating with. This is accomplished by one or both parties presenting trusted host keys during the connection initialization phase of SSH.",
        descCn: "加密通常对许多应用程序的安全性至关重要。使用SSH可以保证与您通信的一方的身份，从而大大提高安全性。这是通过一方或双方在SSH的连接初始化阶段提供受信任的主机密钥来实现的。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b507_ssh_no_host_key_verification.html",
    },
    {
        id: "B508",
        name: "snmp_insecure_version",
        titleEn: "Checking for insecure SNMP versions",
        titleCn: "检查不安全的SNMP版本",
        descEn: "Please update your code to use more secure versions of SNMP.",
        descCn: "请更新您的代码以使用更安全的SNMP版本。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b508_snmp_insecure_version.html",
    },
    {
        id: "B509",
        name: "snmp_weak_cryptography",
        titleEn: "Checking for weak cryptography",
        titleCn: "检查弱加密",
        descEn: "Please update your code to use more secure versions of SNMP.",
        descCn: "Please update your code to use more secure versions of SNMP.",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b509_snmp_weak_cryptography.html",
    },
    {
        id: "B601",
        name: "paramiko_calls",
        titleEn: "Test for shell injection within Paramiko",
        titleCn: "使用Paramiko测试脚本注入",
        descEn: "Paramiko is a Python library designed to work with the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. It is intended to run commands on a remote host. These commands are run within a shell on the target and are thus vulnerable to various shell injection attacks. Bandit reports a MEDIUM issue when it detects the use of Paramiko’s “exec_command” method advising the user to check inputs are correctly sanitized.",
        descCn: "Paramiko是一个Python库，旨在与SSH2协议合作，实现与远程机器的安全（加密和验证）连接。它旨在在远程主机上运行命令。这些命令在目标的shell中运行，因此容易受到各种shell注入攻击。当Bandit检测到使用Paramiko的“exec_command”方法建议用户检查输入是否正确消毒时，它会报告一个MEDIUM问题。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b601_paramiko_calls.html",
    },
    {
        id: "B602",
        name: "subprocess_popen_with_shell_equals_true",
        titleEn: "Test for use of popen with shell equals true",
        titleCn: "使用shell测试popen等于true",
        descEn: "This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this test looks for the spawning of a subprocess using a command shell. This type of subprocess invocation is dangerous as it is vulnerable to various shell injection attacks. Great care should be taken to sanitize all input in order to mitigate this risk. Calls of this type are identified by a parameter of ‘shell=True’ being given.",
        descCn: "这个插件测试是一系列测试的一部分，这些测试旨在检查进程生成并发出适当的警告。具体来说，此测试使用命令shell查找子流程的生成。这种类型的子流程调用是危险的，因为它容易受到各种shell注入攻击。应该非常小心地对所有输入进行消毒，以减轻这种风险。此类型的调用由给定的参数“shell=True”标识。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html",
        shellInjection: true,
    },
    {
        id: "B603",
        name: "subprocess_without_shell_equals_true",
        titleEn: "Test for use of subprocess without shell equals true",
        titleCn: "测试是否使用不带shell的子进程等于true",
        descEn: "This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this test looks for the spawning of a subprocess without the use of a command shell. This type of subprocess invocation is not vulnerable to shell injection attacks, but care should still be taken to ensure validity of input.",
        descCn: "这个插件测试是一系列测试的一部分，这些测试旨在检查进程生成并发出适当的警告。具体来说，这个测试在不使用命令shell的情况下寻找子流程的生成。这种类型的子流程调用不易受到shell注入攻击，但仍应注意确保输入的有效性。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html",
        shellInjection: true,
    },
    {
        id: "B604",
        name: "any_other_function_with_shell_equals_true",
        titleEn: "Test for any function with shell equals true",
        titleCn: "测试shell等于true的任何函数",
        descEn: "This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this plugin test interrogates method calls for the presence of a keyword parameter shell equalling true. It is related to detection of shell injection issues and is intended to catch custom wrappers to vulnerable methods that may have been created.",
        descCn: "这个插件测试是一系列测试的一部分，这些测试旨在检查进程生成并发出适当的警告。具体来说，这个插件测试询问方法调用是否存在等于true的关键字参数shell。它与检测shell注入问题有关，旨在捕获可能已创建的易受攻击方法的自定义包装。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b604_any_other_function_with_shell_equals_true.html",
        shellInjection: true,
    },
    {
        id: "B605",
        name: "start_process_with_a_shell",
        titleEn: "Test for starting a process with a shell",
        titleCn: "用shell启动进程的测试",
        descEn: "This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this test looks for the spawning of a subprocess using a command shell. This type of subprocess invocation is dangerous as it is vulnerable to various shell injection attacks. Great care should be taken to sanitize all input in order to mitigate this risk. Calls of this type are identified by the use of certain commands which are known to use shells. Bandit will report a LOW severity warning.",
        descCn: "这个插件测试是一系列测试的一部分，这些测试旨在检查进程生成并发出适当的警告。具体来说，此测试使用命令shell查找子流程的生成。这种类型的子流程调用是危险的，因为它容易受到各种shell注入攻击。应该非常小心地对所有输入进行消毒，以减轻这种风险。这种类型的调用是通过使用某些已知使用shell的命令来识别的。Bandit将报告LOW严重性警告。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html",
        shellInjection: true,
    },
    {
        id: "B606",
        name: "start_process_with_no_shell",
        titleEn: "Test for starting a process with no shell",
        titleCn: "no shell启动进程的测试",
        descEn: "This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this test looks for the spawning of a subprocess in a way that doesn’t use a shell. Although this is generally safe, it maybe useful for penetration testing workflows to track where external system calls are used. As such a LOW severity message is generated.",
        descCn: "这个插件测试是一系列测试的一部分，这些测试旨在检查进程生成并发出适当的警告。具体来说，这个测试以不使用shell的方式寻找子流程的生成。尽管这通常是安全的，但对于渗透测试工作流来说，跟踪外部系统调用的使用位置可能很有用。因此，将生成一条LOW严重性消息。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b606_start_process_with_no_shell.html",
        shellInjection: true,
    },
    {
        id: "B607",
        name: "start_process_with_partial_path",
        titleEn: "Test for starting a process with a partial path",
        titleCn: "用部分路径启动进程的测试",
        descEn: "This test will scan the parameters of all configured Python methods, looking for paths that do not start at the filesystem root, that is, do not have a leading ‘/’ character.",
        descCn: "此测试将扫描所有配置的Python方法的参数，查找不从文件系统根开始的路径，即不具有前导“/”字符的路径。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html",
        shellInjection: true,
    },
    {
        id: "B608",
        name: "hardcoded_sql_expressions",
        titleEn: "Test for SQL injection",
        titleCn: "SQL注入测试",
        descEn: "An SQL injection attack consists of insertion or “injection” of a SQL query via the input data given to an application. It is a very common attack vector. This plugin test looks for strings that resemble SQL statements that are involved in some form of string building operation.",
        descCn: "SQL注入攻击包括通过提供给应用程序的输入数据插入或“注入”SQL查询。这是一种非常常见的攻击向量。这个插件测试寻找类似SQL语句的字符串，这些SQL语句涉及某种形式的字符串构建操作。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b608_hardcoded_sql_expressions.html",
    },
    {
        id: "B609",
        name: "linux_commands_wildcard_injection",
        titleEn: "Test for use of wildcard injection",
        titleCn: "通配符注入的使用测试",
        descEn: "Python provides a number of methods that emulate the behavior of standard Linux command line utilities. Like their Linux counterparts, these commands may take a wildcard “*” character in place of a file system path. This is interpreted to mean “any and all files or folders” and can be used to build partially qualified paths, such as “/home/user/*”.",
        descCn: "Python提供了许多方法来模拟标准Linux命令行实用程序的行为。与Linux对应命令一样，这些命令可以使用通配符“*”来代替文件系统路径。这被解释为“任何和所有文件或文件夹”，可用于构建部分限定的路径，如“/home/user/*”。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b609_linux_commands_wildcard_injection.html",
        shellInjection: true,
    },
    {
        id: "B610",
        name: "django_extra_used",
        titleEn: "Potential SQL injection on extra function",
        titleCn: "额外函数上潜在的SQL注入",
        descEn: "",
        descCn: "",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b610_django_extra_used.html",
    },
    {
        id: "B611",
        name: "django_rawsql_used",
        titleEn: "Potential SQL injection on RawSQL function",
        titleCn: "RawSQL函数上潜在的SQL注入",
        descEn: "",
        descCn: "",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b611_django_rawsql_used.html",
    },
    {
        id: "B612",
        name: "logging_config_insecure_listen",
        titleEn: "Test for insecure use of logging.config.listen",
        titleCn: "测试logging.config.listen的不安全使用",
        descEn: "This plugin test checks for the unsafe usage of the logging.config.listen function. The logging.config.listen function provides the ability to listen for external configuration files on a socket server. Because portions of the configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen().",
        descCn: "此插件测试检查logging.config.listen函数的不安全使用情况。logging.config.listen函数提供了监听套接字服务器上的外部配置文件的功能。由于部分配置是通过eval()传递的，因此使用此函数可能会给用户带来安全风险。虽然该函数只绑定到本地主机上的套接字，因此不接受来自远程机器的连接，但在某些情况下，不受信任的代码可能会在调用listen()的进程的帐户下运行。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b612_logging_config_insecure_listen.html",
    },
    {
        id: "B701",
        name: "jinja2_autoescape_false",
        titleEn: "Test for not auto escaping in jinja2",
        titleCn: "在jinja2中进行非自动excaping测试",
        descEn: "Jinja2 is a Python HTML templating system. It is typically used to build web applications, though appears in other places well, notably the Ansible automation system. When configuring the Jinja2 environment, the option to use autoescaping on input can be specified. When autoescaping is enabled, Jinja2 will filter input strings to escape any HTML content submitted via template variables. Without escaping HTML input the application becomes vulnerable to Cross Site Scripting (XSS) attacks.",
        descCn: "Jinja2是一个Python HTML模板系统。它通常用于构建web应用程序，但也出现在其他地方，尤其是Ansible自动化系统。在配置Jinja2环境时，可以指定在输入时使用自动转义的选项。当启用自动转义时，Jinja2将过滤输入字符串，以转义通过模板变量提交的任何HTML内容。如果不转义HTML输入，应用程序就容易受到跨站点脚本（XSS）攻击。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b701_jinja2_autoescape_false.html",
    },
    {
        id: "B702",
        name: "use_of_mako_templates",
        titleEn: "Test for use of mako templates",
        titleCn: "mako模板的使用测试",
        descEn: "Mako is a Python templating system often used to build web applications. It is the default templating system used in Pylons and Pyramid. Unlike Jinja2 (an alternative templating system), Mako has no environment wide variable escaping mechanism. Because of this, all input variables must be carefully escaped before use to prevent possible vulnerabilities to Cross Site Scripting (XSS) attacks.",
        descCn: "Mako是一个Python模板系统，通常用于构建web应用程序。它是Pylons和Pyramid中使用的默认模板系统。与Jinja2（一种替代模板系统）不同，Mako没有全环境的变量转义机制。因此，所有输入变量在使用前都必须小心地进行转义，以防止可能存在的跨站点脚本（XSS）攻击漏洞。",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b702_use_of_mako_templates.html",
    },
    {
        id: "B703",
        name: "django_mark_safe",
        titleEn: "Potential XSS on mark_safe function",
        titleCn: "mark_safe函数上潜在的XSS",
        descEn: "",
        descCn: "",
        url: "https://bandit.readthedocs.io/en/latest/plugins/b703_django_mark_safe.html",
    },
];